From a6955bbff01a64f2110419c66f17caace90b8748 Mon Sep 17 00:00:00 2001
From: Luis Gerhorst <gerhorst@cs.fau.de>
Date: Thu, 21 Dec 2023 16:15:58 +0100
Subject: [PATCH] [DRAFT] bpf: Prevent bounds sanitization-error using
 nospec_v1_result

---
 kernel/bpf/verifier.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 591f8714b453..9772e02f8ea8 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -11770,9 +11770,11 @@ static int sanitize_err(struct bpf_verifier_env *env,
 
 	switch (reason) {
 	case REASON_BOUNDS:
-		verbose(env, "R%d has unknown scalar with mixed signed bounds, %s\n",
-			off_reg == dst_reg ? dst : src, err);
-		break;
+		/* Register has unknown scalar with mixed signed bounds. */
+		WARN_ON_ONCE(env->cur_state->speculative);
+		aux->nospec_v1_result = true;
+		aux->alu_state = 0;
+		return 0;
 	case REASON_TYPE:
 		/* Register has pointer with unsupported alu operation. */
 		aux->nospec_v1_result = true;
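Review bot: In the new REASON_BOUNDS branch, `WARN_ON_ONCE(env->cur_state->speculative)` only logs when its assumption is violated and the function still returns 0, so a program that reaches this case on a speculative path would be accepted instead of rejected; failing closed is safer, e.g. `if (WARN_ON_ONCE(env->cur_state->speculative)) return -EFAULT;`. The branch turns what used to be a hard rejection into an acceptance that depends entirely on the barrier requested through `aux->nospec_v1_result`, and the one-line comment does not say why that is sufficient; I would extend it to something like `/* Mixed signed bounds cannot be masked: request a barrier after the result instead of rejecting. */`. Resetting `aux->alu_state` to 0 presumably discards masking state that another path recorded for the same instruction, which looks safe only if the barrier flag is never cleared afterwards; that should be confirmed against the code that sets and consumes both fields, which is not in this hunk. sanitize_err's body starts and ends outside the hunk.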
-- 
GitLab